«
»
July 17th
2012
Posted by in Data Protection, Laptop Security

Behind Data Protection Door Number 2

Better Encryption ApproachSo what’s the alternative?  Well the alternative really is what we’re calling here the data protection platform, and a platform that can provide a central set of services where the data protection goes with the data as the data moves across the data life cycle.

So what you do is you encrypt the data within your enterprise and as the data moves it stays encrypted.  There are some challenges with doing that – which I’ll talk about later.  But some of the core tenants that you need to be a successful platform is you need obviously to have simple control and management visibility into where your data is, how it’s being protected, how to recover access to it.  How to manage and report on the system in terms of keys and compliance and collaboration and how to report and audit that you’re complying.

Now of course to make something like that happen you have to be able to automate as much as possible.  So you do need software that does automation and you need to be able to have a very flexible policy system that lets you specify rules for how you protect data wherever it goes.  But another important piece is it needs to be extensible.  We already said that there are more and more services coming on all the time…but the one thing consistent is those things all tend to use data as files, as discrete chunks of data.  And those things can be protected.  Data that moves into Dropbox or into Amazon tends to be file based data by and large unless you’re going into a proprietary system.  And then where there are proprietary systems, there is a list of standards.

A platform needs to be based on standards as much as possible and avoid the proprietary nature some systems will lock into.  If you can use standards, and you provide a framework for extensibility than you can get this ability to add on to the system after it’s been deployed and add services.  And that’s really where we need to go.  So that you can provide new safe paths for your users as new Cloud offerings or new mobile devices come on line.

Obviously it has to support your existing IT infrastructure so you have to integrate with other operational processes like AD, log management, security, event management and information event management.  All those things have to be supported by the platform as well.  And then you have to, fundamentally stay out of your user’s way.  You have to maintain a real strong sense of transparency. You have to provide very easy paths for your consumers to be safe.  And the security can’t get in the way of that.

So next I’ll discuss why a data protection platform is better….

No Comments
+ Add a comment

Leave a Reply


Follow Us

Follow us on Twitter Follow us on Facebook Follow us on Youtube